OPE: Explain what to do when KS_hs_blind_id is offline.

author: Nick Mathewson <nickm@torproject.org> 2023-11-16 12:24:22 -0500
committer: Nick Mathewson <nickm@torproject.org> 2023-11-16 13:03:43 -0500
commit: 0ed10da978c4c9b74ddf137dc9cb060a19eae64e (patch)
tree: c7d6398a3066697e90637b8aa1fcc62b32948fc6 /spec/rend-spec
parent: 00109f5880328a53638dfb9e877980221712d84e (diff)
download: torspec-0ed10da978c4c9b74ddf137dc9cb060a19eae64e.tar.gz
torspec-0ed10da978c4c9b74ddf137dc9cb060a19eae64e.zip
1 files changed, 4 insertions, 3 deletions
diff --git a/spec/rend-spec/revision-counter-mgt.md b/spec/rend-spec/revision-counter-mgt.md
index 22a5772..ec433f5 100644
--- a/spec/rend-spec/revision-counter-mgt.md
+++ b/spec/rend-spec/revision-counter-mgt.md
@@ -32,9 +32,10 @@ Let T be the number of seconds that have elapsed
 since the beginning of the time period,
 plus 1.  (T must be at least 1.)
 
-Let S be a secret that all the service providers share.  For
-example, it could be the private signing key corresponding to the
-current blinded key.
+Let S be a per-time-period secret that all the service providers share.
+(C tor and arti use `S = KS_hs_blind_id`;
+when `KS_hs_blind_id` is not available,
+implementations may use `S = KS_hs_desc_sign`.)
 
 Let K be an AES-256 key, generated as
 ```
author	Nick Mathewson <nickm@torproject.org>	2023-11-16 12:24:22 -0500
committer	Nick Mathewson <nickm@torproject.org>	2023-11-16 13:03:43 -0500
commit	0ed10da978c4c9b74ddf137dc9cb060a19eae64e (patch)
tree	c7d6398a3066697e90637b8aa1fcc62b32948fc6 /spec/rend-spec
parent	00109f5880328a53638dfb9e877980221712d84e (diff)
download	torspec-0ed10da978c4c9b74ddf137dc9cb060a19eae64e.tar.gz torspec-0ed10da978c4c9b74ddf137dc9cb060a19eae64e.zip